Merge pull request #768 from seshagiriprabhu/buffer_overflow_in_testing

Added bound checking for the client id of the friend input in DHT test
irungentoo 2014-02-25 16:45:44 -05:00
commit 1591eeee8e
2 changed files with 10 additions and 4 deletions


@ -203,9 +203,12 @@ int main(int argc, char *argv[])
char temp_id[128]; char temp_id[128];
printf("\nEnter the client_id of the friend you wish to add (32 bytes HEX format):\n"); printf("\nEnter the client_id of the friend you wish to add (32 bytes HEX format):\n");
if (scanf("%s", temp_id) != 1) if (!fgets(temp_id, sizeof(temp_id), stdin))
exit(0); exit(0);
if ((strlen(temp_id) > 0) && (temp_id[strlen(temp_id) - 1] == '\n'))
temp_id[strlen(temp_id) - 1] = '\0';
uint8_t *bin_id = hex_string_to_bin(temp_id); uint8_t *bin_id = hex_string_to_bin(temp_id);
DHT_addfriend(dht, bin_id); DHT_addfriend(dht, bin_id);
free(bin_id); free(bin_id);
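Review bot: The new `fgets` call bounds the write into `temp_id`, but the string still goes to `hex_string_to_bin` without a check that it holds exactly the 64 hex digits a 32-byte client_id needs. If `hex_string_to_bin` sizes its output from `strlen` (its body is not visible here), a short or empty line would presumably leave `DHT_addfriend` reading past a buffer smaller than the id it expects, so the problem moves from a stack write to a heap read. A guard before the conversion such as `if (strlen(temp_id) != 64 || strspn(temp_id, "0123456789abcdefABCDEF") != 64) exit(1);` would close that, and the newline strip can be the single line `temp_id[strcspn(temp_id, "\n")] = '\0';`. The second file's hunk has the same gap for `temp_hex_id`, where the 38-byte address needs 76 hex digits. main's body continues outside the hunk.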


@ -164,9 +164,12 @@ int main(int argc, char *argv[])
char temp_hex_id[128]; char temp_hex_id[128];
printf("\nEnter the address of the friend you wish to add (38 bytes HEX format):\n"); printf("\nEnter the address of the friend you wish to add (38 bytes HEX format):\n");
if (scanf("%s", temp_hex_id) != 1) { if (!fgets(temp_hex_id, sizeof(temp_hex_id), stdin))
return 1; exit(0);
}
if ((strlen(temp_hex_id) > 0) && (temp_hex_id[strlen(temp_hex_id) - 1] == '\n'))
temp_hex_id[strlen(temp_hex_id) - 1] = '\0';
uint8_t *bin_id = hex_string_to_bin(temp_hex_id); uint8_t *bin_id = hex_string_to_bin(temp_hex_id);
int num = m_addfriend(m, bin_id, (uint8_t *)"Install Gentoo", sizeof("Install Gentoo")); int num = m_addfriend(m, bin_id, (uint8_t *)"Install Gentoo", sizeof("Install Gentoo"));
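Review bot: The failure path for `fgets` now ends in `exit(0)` where the older line reads `return 1;`, so an EOF or read error on stdin is reported to the caller as success. Keeping a non-zero status, `exit(1);` or the original `return 1;`, lets a script that drives this test tell a failed read from a clean run. The first file's hunk has the same `exit(0)`, which appears on both sides there and so predates this change. main's body continues outside the hunk.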